<?xml version="1.0" encoding="UTF-8"?>
<html xmlns:ft="https://github.com/OpenType/fonttest"
      xmlns:xlink="http://www.w3.org/1999/xlink">
<body>
<h3 id="GSUB-3">GSUB-3: Substituting a Billion Laughs</h3>

<div class="desc">
  The <a href="../fonts/TestGSUBThree.ttf">font</a> for this test case
  is an OpenType version of the <a
  href="https://en.wikipedia.org/wiki/Billion_laughs_attack">Billion
  laughs attack</a>. Its <em>GSUB</em> table contains a sequence of
  nine identical lookups. Each lookup replaces the glyph <em>o</em> by
  the string <em>olololololololololo</em>, provided that the
  <em>o</em> is surrounded (both preceded and followed) by an
  <em>l</em>. The first lookup thus expands one single laugh
  <em>(lol)</em> into ten. The second lookup gives 100 laughs; the
  third 1000; the fourth 10,000; the fifth 100,000; and so forth.
  After executing the ninth lookup, the final result would be a
  billion laughs, but this takes a very long time (and large amounts
  of memory) to compute. If your implementation is immune to this
  attack, it should neither crash nor hang when rendering <em>lol</em>
  with this font. Instead, your implementation should stop executing
  once its internal buffer has reached a size limit. See also <a
  href="https://github.com/foliojs/fontkit/issues/221">fontkit
  bug 221</a>.
</div>

<table>
  <tr>
    <th>Expected</th>
    <td class="expected-no-crash" ft:id="GSUB-3/1" ft:render="lol"
        ft:font="TestGSUBThree.ttf">Shouldn’t crash</td>
  </tr>

  <tr>
    <th class="conformance-header">Conformance</th>
    <td class="conformance" ft:id="GSUB-3/1"/>
  </tr>
</table>
</body>
</html>
